I know you said that was a TODO a long time ago, but have you thought any further about it? It seems like the only real "hole" in the suite from my POV. (Ok, the update process is a little weird, but apart from that ...)

Password-protected databases are supported for quite some time now. It includes several different encryption standards for SQLite (such as SQLCipher or wxSqlite). Just use different database plugin (when adding/opening database).